Illinois well being division uncovered over 700,000 residents’ private knowledge for years

The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.

The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered.

Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.

The exposed data also included names, addresses, case statuses, and other information relating to 32,401 individuals in receipt of services from the department’s Division of Rehabilitation Services.

IDHS said it was unable to determine if anyone had viewed the publicly exposed maps during the four years that they were accessible on the web.